CVE-2025-13223
Published Nov 17, 2025
Last updated 5 days ago
AI description
CVE-2025-13223 is a type confusion vulnerability in the V8 JavaScript and WebAssembly engine of Google Chrome. This flaw allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. Google's Threat Analysis Group (TAG) discovered the vulnerability, confirming that an exploit for it exists in the wild. The vulnerability occurs when the V8 engine misinterprets data types, leading to memory corruption. Successful exploitation could allow attackers to bypass Chrome's sandbox protections and execute arbitrary code on a victim's system. To address this zero-day vulnerability, Google released an emergency update for the Chrome Stable channel.
- Description
- Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium V8 Type Confusion Vulnerability
- Exploit added on
- Nov 19, 2025
- Exploit action due
- Dec 10, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- nvd@nist.gov
- CWE-843
- Hype score
- Not currently trending
Google publica una corrección de seguridad para la vulnerabilidad de día cero de Chrome V8 explotada activamente. La vulnerabilidad en cuestión es CVE-2025-13223 (puntuación CVSS: 8,8). #ciberseguridad #cybersecurity https://t.co/MP6rQEkvZg
@EHCGroup
25 Nov 2025
8 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Google Chrome CVE-2025-13223 Zero-Day Exploitation [High] Nov 24, 2025 Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #ThreatIntelligence #CyberSecurity #Innovation #LLM #CyberSecurityWarning https://t.co/GRXm9QTlty
@transilienceai
24 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
What if your browser quietly handed control to a hacker while you scroll? That’s happening right now. A flaw in #Chrome’s #JavaScript engine, V8, called CVE-2025-13223, is already being used. No one knows how many devices are already hit. https://t.co/YTlTZEijxk
@v_shakthi
24 Nov 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome CVE-2025-13223 is actively exploited.Your logs know what happened.But can you see them?Syslog to ELK gives you: → Real-time threat detection → Centralized visibility → Instant log correlation https://t.co/XU7viLnsK6 #Cybersecurity #ELK #SIEM #ThreatDetection ht
@suniltiwari4509
24 Nov 2025
32 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
2 Quotes
Chrome使ってる全員に告ぐ⚠️ CVE-2025-13223 = Webサイト閲覧だけで感染 = すでに攻撃で悪用中 = 34億人が標的 対策してない人、マジでヤバい。 ▼9割が知らない5つの緊急対策 https://t.co/gGPUSJxcgn
@Uriuri_Lecturer
23 Nov 2025
30 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
昨日まで「セキュリティなんて面倒」 って思ってた人へ CVE-2025-13223を知ったら 考えが180度変わると思います。 普通にネット見てただけなのに 気づいたらパソコン乗っ取られてる… そんな悪夢が現実に起
@Uriuri_Lecturer
23 Nov 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Come on @openai @perplexity_ai why can't I find any information about CVE-2025-13223 with respect to Comet nor Atlas? Seems likely both are vulnerable, but no indication either has been patched, and I can't find any statement saying you're not vulnerable and why.
@scode
22 Nov 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome users, heads up: a critical V8 flaw (CVE-2025-13223) is now on CISA’s Known Exploited list. Hackers can use it to corrupt memory and run code. If your business runs Chrome, patch it now before they patch you. https://t.co/pY45tTUPJX #CyberSecurity #ClickSmart
@lowcountrycyber
21 Nov 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔐 Critical #openSUSE Chromium Patch Alert The latest Chromium update for openSUSE addresses two significant vulnerabilities: CVE-2025-13223 and CVE-2025-13224. Read more: 👉 https://t.co/Gcg4bxo368 #Security https://t.co/LFMSdMjuFj
@Cezar_H_Linux
21 Nov 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Important Security Alert for #openSUSE Users 🚨 A mandatory Chromium update is available to address critical type confusion bugs in the V8 JavaScript engine (CVE-2025-13223 & CVE-2025-13224). Read more: 👉 https://t.co/uHChIv5DrA #Security https://t.co/JK9retc6VU
@Cezar_H_Linux
21 Nov 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CISA ostrzega przed aktywnie wykorzystywaną luką 0-Day w Google Chrome (CVE-2025-13223) w silniku V8. Błąd typu „type confusion” umożliwia zdalne wykonanie kodu. Google załatało problem 19.11.2025 - zaktualizuj Chrome do wersji 131.0.6778.72 lub nowszej. @Zaufana3
@CyberScopePl
21 Nov 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Important security update: @opera, @operagxofficial, Opera Air, and Opera for Android have received a security fix for the latest zero-day vulnerability in Chromium: CVE-2025-13223. Update now to the latest versions: Opera One (124.0.5705.42) Opera GX (124.0.5705.38) Opera Air
@Opera_Security
20 Nov 2025
94 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Important security update: @opera, @operagxofficial, Opera Air, and Opera for Android have received a security fix for the latest zero-day vulnerability in Chromium: CVE-2025-13223. Update now to the latest versions: Opera One (124.0.5705.42) Opera GX (124.0.5705.38) Opera Air
@Opera_Security
20 Nov 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome exploit is live and on CISA’s radar. CVE-2025-13223 lets attackers run code via V8 engine flaws—translation: your browser could become their playground. SMBs, update Chrome now or risk getting burned. https://t.co/pY45tTUPJX #CyberSecurity #BrowserSecurity
@lowcountrycyber
20 Nov 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks Source: https://t.co/DCXNg2QE6x CISA has issued an urgent alert about a zero-day vulnerability in Google Chrome, actively exploited by threat actors. CVE-2025-13223 is a flaw in the Chromium V8 JavaScrip
@The_Cyber_News
20 Nov 2025
6971 Impressions
46 Retweets
139 Likes
38 Bookmarks
1 Reply
2 Quotes
米国CISAが悪用を確認した脆弱性 #KEV をカタログに追加しました。 🛡️No.1464 CVE-2025-13223 Google Chromium V8 Type Confusion Vulnerability ============= CVSSスコア: 8.8 (Base) / CISA-ADP CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 種別:型
@piyokango
20 Nov 2025
4203 Impressions
2 Retweets
11 Likes
1 Bookmark
0 Replies
0 Quotes
Alerta de Seguridad: Google Lanza Parche Crítico para un ‘Zero-Day’ en Chrome Explotado Activamente (CVE-2025-13223) https://t.co/MMJaraOtMB #CiberSeguridad #Internet #Noticia #Tecnología vía @unaaldia https://t.co/mBBbX3IQW3
@Securizame
20 Nov 2025
220 Impressions
1 Retweet
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Google urges 2 billion Chrome users to install an emergency update for a critical “type confusion” flaw (CVE-2025-13223) already being exploited. Fully restart your browser to stay protected. #etimes #etimespakistan #news #GoogleChrome #ChromeUpdate #CyberSecurity #TypeConfus
@eTimesPakistan
20 Nov 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Another Zero-Day in Chrome – This is the 7th one in 2025! 🚨 Google just emergency-patched CVE-2025-13223 – a critical type confusion flaw in V8 that is already being exploited in the wild. Attackers can trigger heap corruption and potentially run code on your machine
@42sudhir
20 Nov 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warnt vor aktiv ausgenutzter V8-Schwachstelle in Google Chrome - Da bereits funktionierende Exploits für CVE-2025-13223 kursieren, sollten Unternehmen und Endnutzer Chrome schnellstmöglich aktualisieren. https://t.co/Ft0SMSuZYb #Google #patch
@KolaricDav5471
20 Nov 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome users in SEA, update now! Google patches seventh zero-day CVE-2025-13223 actively exploited in the wild. #thisisgamesea https://t.co/6sp5GTFakW
@ThisIsGameSEA
20 Nov 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ZDNetによると、Google ChromeのV8エンジンに新たなゼロデイ脆弱性「CVE-2025-13223」が発見され、悪意あるHTMLでメモリー破損を引き起こし、既に攻撃が確認されています。緊急のアップデート(Windows/Linux版142.0.7444.17
@NewsBrowseJP
19 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #Google Chrome V8 Flaw #CVE-2025-13223 Added to CISA’s Exploited Vulnerabilities List https://t.co/I17CR7ucJt
@UndercodeNews
19 Nov 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google、Chromeを緊急アップデート-サイバー攻撃への悪用が確認されている複数の脆弱性を修正(CVE-2025-13223,13224) https://t.co/kx37s7uCxz #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
19 Nov 2025
122 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAが既知の脆弱性1件をカタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Nov 19) CVE-2025-13223 Google Chromium V8 の型混乱の脆弱性 https://t.co/FsZVjdfSDu
@foxbook
19 Nov 2025
291 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability 🚨💥 Google releases security update for Chrome to fix two active exploitation vulnerabilities, including CVE-2025-13223 (CVSS score: 8.8). Type confusion vulnerability in V8 JavaScript and ht
@HackonomicNews
19 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-13223: Google Chromium V8 Type Confusion Vulnerability has been added to the CISA KEV Catalog https://t.co/9idGUAHIKd CVSS: 8.8
@DarkWebInformer
19 Nov 2025
3225 Impressions
3 Retweets
10 Likes
2 Bookmarks
0 Replies
0 Quotes
Another Chrome zero-day (CVE-2025-13223), already under attack, just got patched. If your team’s still dragging their feet on updates, your data’s on the line. SMBs: push that Chrome update now or risk a breach. https://t.co/1srQPUdULW #CyberSecurity #PatchNow
@lowcountrycyber
19 Nov 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Google Chromium V8 type confusion vulnerability CVE-2025-13223 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/U7AVLgtbXD
@CISACyber
19 Nov 2025
7547 Impressions
23 Retweets
51 Likes
8 Bookmarks
1 Reply
0 Quotes
Heads up, Google pushed a critical Chrome update for a zero-day (CVE-2025-13223) in its V8 JavaScript engine, and it's already being exploited in the wild. If you’re still on an old build, update Chrome right now before someone else takes advantage. (Source:
@TechTal3s
19 Nov 2025
28 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome has released an emergency update to fix its 7th zero-day vulnerability (CVE-2025-13223) this year, a type confusion flaw in the V8 JavaScript engine. Update to version 142.0.7444.175/.176. https://t.co/VoGPN30Weq
@Jfreeg_
19 Nov 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Zero-Day explotado activamente en navegador Google Chrome V8 Google corrigió dos fallos críticos en V8, incluyendo la vulnerabilidad CVE-2025-13223, que ha sido explotada activamente https://t.co/S60OQd3cdH… https://t.co/t4HyaDaiWr
@teamsixinvestig
19 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Zero-Day explotado activamente en navegador Google Chrome V8 Google corrigió dos fallos críticos en V8, incluyendo la vulnerabilidad CVE-2025-13223, que ha sido explotada activamente https://t.co/JZYa3V9FJ6 https://t.co/ENDOVtK8vu
@elhackernet
19 Nov 2025
3827 Impressions
14 Retweets
51 Likes
6 Bookmarks
0 Replies
0 Quotes
🚨 New Chrome Zero-Day (CVE-2025-13223) — One tab is all it takes. Actively exploited. Used for real-world attacks. I break down the full exploit chain + sandbox escapes (Mojo & ANGLE/GPU) in today’s episode of 🧠 System Fracture. Watch here 👉 https://t.co/oe9U9vED
@PBSech
19 Nov 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Upozorňujeme na aktivně zneužívanou zranitelnost v Google Chrome, CVE-2025-13223. Upozornil na ni i Google a je způsobená špatným typováním ve V8 JavaScript Engine. Tato chyba umožňuje vzdáleným útočníkům zneužít poškození paměti pomocí speciálně vyt
@GOVCERT_CZ
19 Nov 2025
448 Impressions
1 Retweet
5 Likes
0 Bookmarks
1 Reply
0 Quotes
Alerta de Seguridad: Google Lanza Parche Crítico para un ‘Zero-Day’ en Chrome Explotado Activamente (CVE-2025-13223) https://t.co/EDVODXeBIW
@unaaldia
19 Nov 2025
437 Impressions
2 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
【リンク集:2025年11月18~19日のセキュリティ関連ニュース/記事】 <脆弱性> ・Fortinet、攻撃で悪用された新たなFortiWebゼロデイについて警告(CVE-2025-58034) https://t.co/WNrLUQ51os ・Chrome 142、悪用されたゼロデイ
@MachinaRecord
19 Nov 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Fortinet、攻撃で悪用されている新たなFortiWebのゼロデイについて注意喚起:CVE-2025-58034 🔨Google、攻撃で悪用されているChromeのゼロデイを修正:CVE-2025-13223 〜サイバーアラート11月19日〜 https://t.co/9SZ3rqgUJP #
@MachinaRecord
19 Nov 2025
162 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google、ChromeのV8ゼロデイCVE-2025-13223を修正 https://t.co/x0ifcIiQW6 #Security #セキュリティー #ニュース
@SecureShield_
19 Nov 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Google released security updates for Chrome addressing two flaws including an actively exploited zero-day CVE-2025-13223! #Security #Chrome #Vulnerability Check it out here: https://t.co/zaa2X5HajM
@JamaalChalid
18 Nov 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚀 عاجل من جوجل: 🟥 ثغرات أمنية نشطة في كروم (CVSS 8.8) 🔶 التحديث 142.0.7444.175/176 يغلق CVE-2025-13223 و13224 تحققوا من الإصدار فورًا! #أمن_معلومات #غوغل #Google https://t.co/waeJwtmgxX
@TechMagic0
18 Nov 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google が Chrome のゼロデイ脆弱性 (CVE-2025-13223) をさらに修正 Google patches yet another exploited Chrome zero-day (CVE-2025-13223) #HelpNetSecurity (Nov 18) https://t.co/9GwcR3SD6Q
@foxbook
18 Nov 2025
320 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Atualização crítica no Chrome corrige falha explorada: Google lançou patch para duas vulnerabilidades graves no motor V8 do Chrome, incluindo CVE-2025-13223, já ativa em ataques, evitando execução remota de código e falhas no navegador. Atualize já. https://t.co/sgt4ehK9
@caveiratech
18 Nov 2025
18 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google patches yet another exploited Chrome zero-day (CVE-2025-13223) - https://t.co/GgJT73r067 - @googlechrome #0day #CyberSecurity #CyberSecurityNews
@helpnetsecurity
18 Nov 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google patches yet another exploited Chrome zero-day (CVE-2025-13223) https://t.co/ft48tPeAyf
@TheCyberSecHub
18 Nov 2025
627 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
Google patches yet another exploited Chrome zero-day (CVE-2025-13223) https://t.co/TmBCspmrXF #HelpNetSecurity #Cybersecurity https://t.co/HL5KKgiaGJ
@PoseidonTPA
18 Nov 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
آب دستتونه برین اینو پچ کنین (آپدیت کروم به آخرین ورژن) تا به فاک فنا نرفتین CVE-2025-13223 زیرو دی جدید واسه کروم
@LastStandNews24
18 Nov 2025
512 Impressions
0 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
(CVE-2025-13223)[460017370][compiler]Type Confusion(exploited ITW) https://t.co/v3sP41cj9n https://t.co/H0nrEpCE4b Reported by Clément Lecigne(@_clem1)
@xvonfers
18 Nov 2025
1301 Impressions
1 Retweet
14 Likes
13 Bookmarks
0 Replies
0 Quotes
🚨 Chrome Sıfırıncı Gün Açığı; Google, doğada aktif kullanılan CVE-2025-13223 sıfırıncı gün açığı (Type Confusion) için Chrome'a kritik bir güncelleme yayımladı. 🔗https://t.co/EtjRPISDaw https://t.co/mCaomGRX2A
@0mercansiskolu
18 Nov 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📝 𝐆𝐨𝐨𝐠𝐥𝐞 𝐈𝐬𝐬𝐮𝐞𝐬 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐅𝐢𝐱 𝐟𝐨𝐫 𝐀𝐜𝐭𝐢𝐯𝐞𝐥𝐲 𝐄𝐱𝐩𝐥𝐨𝐢𝐭𝐞𝐝 𝐂𝐡𝐫𝐨𝐦𝐞 𝐕𝟖 𝐙𝐞𝐫𝐨-𝐃𝐚𝐲 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛
@PurpleOps_io
18 Nov 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3F3CAD1-884B-471E-8FDF-F42DA3DC356E",
"versionEndExcluding": "142.0.7444.175"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]